00001 <?php
00002 # This file is part of the Savane project
00003 # <http://gna.org/projects/savane/>
00004 #
00005 # $Id: sendmessage.php 5398 2006-02-16 12:42:22Z yeupou $
00006 #
00007 # Copyright 1999-2000 (c) The SourceForge Crew
00008 # Copyright 2000-2003 (c) Free Software Foundatio
00009 #
00010 # Copyright 2003-2006 (c) Mathieu Roy <yeupou--gnu.org>
00011 #
00012 # The Savane project is free software; you can redistribute it and/or
00013 # modify it under the terms of the GNU General Public License
00014 # as published by the Free Software Foundation; either version 2
00015 # of the License, or (at your option) any later version.
00016 #
00017 # The Savane project is distributed in the hope that it will be useful,
00018 # but WITHOUT ANY WARRANTY; without even the implied warranty of
00019 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
00020 # GNU General Public License for more details.
00021 #
00022 # You should have received a copy of the GNU General Public License
00023 # along with the Savane project; if not, write to the Free Software
00024 # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
00025
00026 require "./include/pre.php";
00027
00028 # FIXME: should use register_globals_off() instead
00029 # lorenzo lorenzohgh@tuxedo-es.org
00030 # Declaring variables BY method
00031
00032 # Replaced the old if/elseif statements w/ $_REQUEST
00033
00034 $touser = $_REQUEST['touser'];
00035 $send_mail = $_REQUEST['send_mail'];
00036 $subject = $_REQUEST['subject'];
00037 $body = $_REQUEST['body'];
00038 $freedback = $_REQUEST['feedback'];
00039
00040 if (user_isloggedin())
00041 {
00042
00043
00044 if ($touser)
00045 {
00046 # Search infos in the database about the user
00047 $result=db_query("SELECT email,user_name FROM user WHERE user_id='$touser' AND status='A'");
00048 if (!$result || db_numrows($result) < 1)
00049 {
00050 exit_error(_('That user does not exist'));
00051 }
00052 }
00053 else
00054 {
00055 exit_missing_param();
00056 }
00057
00058
00059 if ($send_mail)
00060 {
00061
00062 if (!$subject || !$body || !$fromuser)
00063 {
00064 # Force them to enter all vars
00065 exit_missing_param();
00066 }
00067 else
00068 {
00069 # Let sendmail_mail() figuring out real email addresses
00070 sendmail_mail($fromuser, $touser, $subject, stripslashes($body));
00071 $HTML->header(array('title'=>_('Message Sent')));
00072 print html_feedback_top($GLOBALS['feedback']);
00073 $HTML->footer(array());
00074 exit;
00075 }
00076
00077 }
00078 else
00079 {
00080
00081 $HTML->header(array('title'=>_('Send a message')));
00082 sendmail_form_message($PHP_SELF, $touser);
00083 $HTML->footer(array());
00084
00085 }
00086
00087 } else {
00088
00089 # Not logged-in, no mail to be sent.
00090 exit_not_logged_in();
00091
00092 }
00093
00094
00095 ?>
